Re: [quicwg/base-drafts] Simplify the client's PTO code by allowing the server to send a PING (#3161)

Kazuho Oku <> Tue, 29 October 2019 05:21 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 659D1120044 for <>; Mon, 28 Oct 2019 22:21:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.597
X-Spam-Status: No, score=-6.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id bCwbY_F1f6_j for <>; Mon, 28 Oct 2019 22:21:46 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 1C468120043 for <>; Mon, 28 Oct 2019 22:21:46 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 4E467A060D for <>; Mon, 28 Oct 2019 22:21:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1572326505; bh=dmScpTf2MHW0NuU78eHfvyoolWxQqgW3ZYoz0auyJHs=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=dQX6JfBqtQFEOihkGuJEAjBLXGK6mlEAcSjGKk3xUW3Dw28g/lCApkmGF7+BV6MOb iP2IvJ4ERPOsbggzwvb5LavteVaSWbiFRwAnbzfoWuvHYKDRX/Z3w+E27c4JRE28ii P3FZvJNXZKjyGU8k1eMV29ejSPjIdZm2nlc1SRPk=
Date: Mon, 28 Oct 2019 22:21:45 -0700
From: Kazuho Oku <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/3161/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Simplify the client's PTO code by allowing the server to send a PING (#3161)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5db7cc693f522_75ac3fc8962cd960756c5"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: kazuho
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 29 Oct 2019 05:21:47 -0000

> In a strict sense, this means that a client can use N bytes to trigger the server to send 3N + epsilon bytes

I think this might be concerning, though I could well be wrong.

Consider the case of an attacker acting as a client, using the IP address of a victim as the source address. The attacker can spoof an Initial packet that carries a Client Hello and another Initial packet that carries an ACK for the server's Initial packet that carried the Server Hello. An attacker can build the correct second packet assuming that the server uses the DCID of the client's Initial packet as it's CID (or the CID is zero length), and that the server's first packet number can be guessed.

If that ACK contains a delay that indicate to the server that the RTT is very small (e.g., 1ms), then the PTO could be as small as that value. Then, if the server's connection timeout is say 1000ms, the server might send 1000 packets to the victim before dropping the connection.

Am I missing something?

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: